services:
  {{ service_name }}:
    image: docker.io/semaphoreui/semaphore:v2.16.45
    container_name: {{ container_name }}
    user: "{{ user_uid }}:{{ user_gid }}"
    env_file:
      - .env.semaphore
    {% if ports_enabled %}
    ports:
      - "{{ ports_http }}:3000"
    {% endif %}
    {% if network_enabled or traefik_enabled %}
    networks:
      {% if network_enabled %}
      - {{ network_name }}
      {% endif %}
      {% if traefik_enabled %}
      - {{ traefik_network }}
      {% endif %}
    {% endif %}
    {% if traefik_enabled %}
    labels:
      - traefik.enable=true
      - traefik.docker.network={{ traefik_network }}
      - traefik.http.services.{{ service_name }}.loadbalancer.server.port=3000
      - traefik.http.routers.{{ service_name }}-http.rule=Host(`{{ traefik_host }}`)
      - traefik.http.routers.{{ service_name }}-http.entrypoints={{ traefik_entrypoint }}
      {% if traefik_tls_enabled %}
      - traefik.http.routers.{{ service_name }}-https.rule=Host(`{{ traefik_host }}`)
      - traefik.http.routers.{{ service_name }}-https.entrypoints={{ traefik_tls_entrypoint }}
      - traefik.http.routers.{{ service_name }}-https.tls=true
      - traefik.http.routers.{{ service_name }}-https.tls.certresolver={{ traefik_tls_certresolver }}
      {% endif %}
    {% endif %}
    volumes:
      - ./inventory:/inventory:ro
      - ./authorized-keys:/authorized-keys:ro
      - ./config:/etc/semaphore:rw
    depends_on:
      {% if database_type == 'mysql' %}
      - {{ service_name }}-mysql
      {% elif database_type == 'postgres' %}
      - {{ service_name }}-postgres
      {% endif %}
    restart: {{ restart_policy }}

  {% if not database_external %}
  {% if database_type == 'mysql' %}
  {{ service_name }}-mysql:
    image: docker.io/library/mysql:8.4
    container_name: {{ service_name }}-mysql
    env_file:
      - .env.database
    healthcheck:
      test: ["CMD", "mysqladmin", "ping", "-h", "localhost", "-u", "{{ database_user }}", "-p{{ database_password }}"]
      start_period: 30s
      interval: 10s
      timeout: 10s
      retries: 5
    volumes:
      - database_data:/var/lib/mysql
    {% if network_enabled or traefik_enabled %}
    networks:
      {% if network_enabled %}
      - {{ network_name }}
      {% endif %}
      {% if traefik_enabled %}
      - {{ traefik_network }}
      {% endif %}
    {% endif %}
    restart: {{ restart_policy }}
  {% elif database_type == 'postgres' %}
  {{ service_name }}-postgres:
    image: docker.io/library/postgres:17.7
    container_name: {{ service_name }}-postgres
    env_file:
      - .env.database
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U {{ database_user }}"]
      start_period: 30s
      interval: 10s
      timeout: 10s
      retries: 5
    volumes:
      - database_data:/var/lib/postgresql/data
    {% if network_enabled or traefik_enabled %}
    networks:
      {% if network_enabled %}
      - {{ network_name }}
      {% endif %}
      {% if traefik_enabled %}
      - {{ traefik_network }}
      {% endif %}
    {% endif %}
    restart: {{ restart_policy }}
  {% endif %}
  {% endif %}

{% if network_enabled or traefik_enabled %}
networks:
  {% if network_enabled %}
  {{ network_name }}:
    {% if network_external %}
    external: true
    {% else %}
    driver: bridge
    {% endif %}
  {% endif %}
  {% if traefik_enabled %}
  {{ traefik_network }}:
    external: true
  {% endif %}
{% endif %}

volumes:
  {% if not database_external %}
  database_data:
    driver: local
  {% endif %}
